URLhaus Database

You are currently viewing the URLhaus database entry for http://switch2cloud.net/wp-admin/balance/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:693981
URL: http://switch2cloud.net/wp-admin/balance/
URL Status:Offline
Host: switch2cloud.net
Date added:2020-10-14 19:17:06 UTC
Last online:2020-10-16 11:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-14 19:18:16 UTC to abuse{at}amazonaws[dot]com)
Takedown time:1 day, 16 hours, 17 minutes Poor (down since 2020-10-16 11:35:56 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-16REP_XDP_100120_HUI_101620.docdoc 33c9159cb870c324fdc315846558083363dc9560f0156ba73478128c25a3b38cVirustotal results 32.76%Heodo
2020-10-16INV_80KS6W11U1Q.docdoc e740fc6270797a0066f81948906ef8e53161c3fce038be592daa80d3f8c92516Virustotal results 30.65%Heodo
2020-10-16INV_QVF_100120_WRT_101620.docdoc 8f3f984fbd71cc396aa42dd0f50f3368055a81b68e63712dfe482c04b6ac804eVirustotal results 30.65%Heodo
2020-10-16FILE_EJX_100120_JUU_101620.docdoc fc806b39237bec90a8815cf600d9f371357926be080869be6a1cfce9c6a2e9caVirustotal results 32.26%Heodo
2020-10-16UQP_100120_BKM_101620.docdoc e1657e2b9da4fc39004ca0c0c681b59985f94ca16d04c3f363122de4bb444099Virustotal results 32.79%Heodo
2020-10-16TX_PCPE24DDTL1KFG7N.docdoc 9e16a1c487318559bca602d0c341d760109650549d600ab32ea6c5b07b9c838dVirustotal results 30.51%Heodo
2020-10-16INV_BNA_100120_FRH_101620.docdoc 559bb6f9101d44aeaf2eb59aedcfc95cf3d633ec3f05ad1becca0607c28bb866Virustotal results 32.26%Heodo
2020-10-16PD_YEQ_100120_HIL_101620.docdoc 5e68650f2243c0318d2a6e551b02d3294164edaa15b2fa7700e05337dd9eb4d3Virustotal results 32.26%Heodo
2020-10-16SRB_902E0Q7.docdoc e6896dad4ee0bc73a3114762b88c9d93732c631e64c537334ac38f7c7c421141Virustotal results 32.79%Heodo
2020-10-16FILE_ZRK_100120_JBV_101620.docdoc 44b5ac3a1688e978f2ab497cb9a2b77b9a4a27edb617212e27b63035becfb148Virustotal results 50.82%Heodo
2020-10-16DOC_45827259.docdoc 147b9616588be0def766828cbdc415348543d772fbf13e9a7fbe0b37b0ebf3fdn/aHeodo
2020-10-1634919682.docdoc 095fe16690d338ae33d6608dbe94adf60f398907737417666034e7a5b64eded8Virustotal results 50.00%Heodo
2020-10-16BAL_17101720516848766273266.docdoc 862a3557cbd080c1e4b737d044d2a849ffc1fda3cd46e474ff947ff583357464Virustotal results 50.00%Heodo
2020-10-16REP_PO_10162020EX.docdoc 98d7c4d63fcd23e0417a08c9645e5bb0729a1fe136941495b001db7126726608Virustotal results 46.77%Heodo
2020-10-16DOC_YQHRD5R.docdoc 874551f55294cc8838b596c8ffd8d4600ade4c1e932ea618012210a3ac7137c2Virustotal results 48.39%Heodo
2020-10-16BAL_1656965892.docdoc 29d8f14d9aad7f7303bfffcff57109e4a24983050638c356af826bf4febc04a2Virustotal results 52.46%Heodo
2020-10-16REP_LPQXV7Y6K.docdoc d3c37e88878ac9801e592c464b9f3e15b30ef3096684d4efb9ca6cc6dd042734Virustotal results 48.39%Heodo
2020-10-16DOC_VAM_100120_HFD_101620.docdoc dc7ade8fcae56fa5c268c86c9602ade9af26324733a73c86e60274a9f5b8e864Virustotal results 48.39%Heodo
2020-10-15BAL_PO_10162020EX.docdoc df301a07bada1a07adbe33c638f8c00159a565bafec1b7fc1ff5ff69b6a7946cVirustotal results 49.18%Heodo
2020-10-15PO_10162020EX.docdoc b1ebf8efae5ce8d163d465c5ed7b819bdcc16fdbe03f723da2d0b61114721d04Virustotal results 50.00%Heodo
2020-10-15FILE_AF0151743057DC.docdoc ab321ed0f56034ac636d328802440c291af5a379fee4ff6b31fbc859ab2d9004Virustotal results 52.46%Heodo
2020-10-15DOC_SK5179344665WF.docdoc c584c1bd086b6f8007e1a594498dd51149f97a492dd8113493a6dd21f9134ad6Virustotal results 51.61%Heodo
2020-10-15DOC_T0PB1YWNQGF.docdoc 18a1cbac953dff9b006371606aa8ba5ebd1794c14f128e5f46d46629e60383c9Virustotal results 50.00%Heodo
2020-10-15180135994800635750.docdoc 2955467d39aee8efaa08f284298b86e105ff6b8855c674bb41e38ca21d2c6bfeVirustotal results 46.77%Heodo
2020-10-15DOC_59033690.docdoc 98852e4e9b18aaefa6bf7599dca0b76b3e9990ec9b0cbf54ce1dd3a03015cc9aVirustotal results 46.77%Heodo
2020-10-15FILE_OVF_100120_HES_101520.docdoc 9ff3fa5bcfc5a9b21abf19a4f8f3c406f0874fd93f8508c58e42529f672a6d23Virustotal results 46.77%Heodo
2020-10-15Q_73479357.docdoc 966af50d9ffd82cdc2a4fa693620dfe90172ef15047cc10d3b35fcd47ae47c4fVirustotal results 46.77%Heodo
2020-10-15BAL_PO_10152020EX.docdoc a0af2c0d46bfa10fc4589560d7055a18babee6615726fb2893b817e111f9ecbfVirustotal results 46.77%Heodo
2020-10-15BAL_07037289305393255369336.docdoc 28a6bdd824538dcbdc61dc5ffe9d61ccf016e4a4bb027becec2d522503ec8b0aVirustotal results 46.77%Heodo
2020-10-15N_BD2361110450WV.docdoc 200fd063fbce58987452058b68b6f0d32d9fd51afddd74f6ed466124627fc51bVirustotal results 46.77%Heodo
2020-10-1529388739.docdoc 70652370e67cef224785a44a3bb57d19f00a8b000714cf7117ed9dec27b3c920Virustotal results 45.16%Heodo
2020-10-15BAL_PO_10152020EX.docdoc 2889aa2818bb6b697ece0258b29a039f5f46f85444792ecad4d3667806bb5610Virustotal results 46.15%Heodo
2020-10-15INV_91901396.docdoc 5781607bc4d3aa2d65dc523aab5dfea022ffae444327c4463969d7e461822367Virustotal results 46.15%Heodo
2020-10-15DOC_QES_100120_YKD_101520.docdoc 0ab272f979fa9aed2035beb2f578c7dd1b689f64452457def9e7aca2d1c91a3aVirustotal results 45.16%Heodo
2020-10-15B_3SDYIKBR1T.docdoc d9b7b5c042c7906658d29f0f2ce9d72212853dba41328c900b11987b9c264639Virustotal results 41.94%Heodo
2020-10-15BAL_71031708.docdoc a601d4de12b342342f6598cd8381b96e29a65844b37244bdff0603a42601f9a5n/aHeodo
2020-10-1507305528.docdoc fa437d31c734102e84da67e8db9d8af76a88f24bc9fd85ac6e53f60ac3d98726Virustotal results 41.94%Heodo
2020-10-15FILE_8U1WSNO.docdoc 3f6955a4c8030234f81c5371a9fe055356a777586aec5021a269eb74083d6ce6Virustotal results 40.98%Heodo
2020-10-15BAL_WQA63HLFY3FYOE.docdoc fc98055fe4921aa92b5fb0b2cbbae5ebc0ffdc932d1ca890b893c19a838d03d5n/aHeodo
2020-10-15FZ_PO_10152020EX.docdoc dbd52eeae1181eeddab6c7e1fc6a63564fdf6c6ab43a2ce880a8f1af89531022Virustotal results 41.94%Heodo
2020-10-15V_PO_10152020EX.docdoc a03ff18b9f7a2ceeb1d3067a8c8f377ea38c8f002a4d32776856c020705c32f3n/aHeodo
2020-10-1504080668596273.docdoc 35167e81519fe2cee61cea8f8989390c7c4142bb2639f430a40b9645a9eece16n/aHeodo
2020-10-15WH378I71GB.docdoc 4e6a0c30dbcc9c81697110910d0edcbf9a9f5442eaf0fed07248c448429580f5Virustotal results 39.34%Heodo
2020-10-15S_6719176834294780407.docdoc fac59c311d502bd79eeed90be635654883567581760cae6102e5e888e7722985Virustotal results 38.71%Heodo
2020-10-15BAL_534362492512881.docdoc 7090709f52d501d474099b72e83d8111131d24e787608422f75bdfff4950303cVirustotal results 38.71% Heodo
2020-10-15DOC_02556985.docdoc 7697faf6a3ac06e7f465152759a63f92d67946fef445bd4c26c487b579ff857dVirustotal results 39.34%Heodo
2020-10-15LBYW_CXU55HGZ7Q8VP.docdoc 8540e32802a73812f63cd91be7631aadde502adba53629c5327301393352925eVirustotal results 38.71% Heodo
2020-10-15FILE_BP2GTDU.docdoc f1240c9ee1acded26f34268c60493158d33b479859efcb608efd96167344e35dVirustotal results 38.71%Heodo
2020-10-15UVNT_6YFB23NUF.docdoc 63a12d5fc1be102cc43155a0bddbaa57e075b647224c268cde1d288d6db2a4ccVirustotal results 39.34%Heodo
2020-10-15REP_TCN_100120_GIN_101520.docdoc 8a18bd4ad8eba8310bcd422c1ba2612b6ad2adbcbdf5fb76408f85fbf496b5ben/aHeodo
2020-10-15INV_HK1265584442WE.docdoc d30ec2dde96e92164e6be1b42ad79b2b25464da4be6140e0965cb115a5d9e8ddVirustotal results 32.26%Heodo
2020-10-15VBP_100120_GVC_101520.docdoc 36214ebd8002b76ea05ec1f314ba5d01bd52986535be9a5a91395a0460389791n/a Heodo
2020-10-15REP_MU5708656289FA.docdoc 5d3017d4878e28f04f39fe176de060a002b3f4752644eeb98f04ee2593d259dbVirustotal results 32.26%Heodo
2020-10-15FILE_ZFB_100120_IME_101520.docdoc a251d76425f1841e17b9efa9ab58b8a0f26c25f997500348b2c5a7cac89daa78n/aHeodo
2020-10-15WLU_100120_WXX_101520.docdoc 74162fa1b634bfdde5cbbc8882362c3d5083368cbea1e88ab8c413863cab2ac3Virustotal results 32.26%Heodo
2020-10-15G_SN1243242509QF.docdoc d000ec56fd7a5ad82add1c1e5a04c56ccad42829b2d99b18e228d9c920def501n/aHeodo
2020-10-1513362393.docdoc 5b03fd654aaf2b8230856d9d7910d4255d663fc3399763cd4a7491eb5769350aVirustotal results 37.74%Heodo
2020-10-15BAL_22330841.docdoc 2a3d73d8e391636548a28421a0cceeaa7fab08cb60380bf090a57a1af35b96fbVirustotal results 37.70%Heodo
2020-10-15N_38987301.docdoc 3cbba280192a0fd99aa090f95cc1e2291a670a7cf53bca32811ff38da7289a95Virustotal results 36.07%Heodo
2020-10-15DOC_CS1415874605NE.docdoc b0639e0dc0de31e5a868142dce9b0b73a942fb5b41c0592245d8011c19728c32Virustotal results 37.10%Heodo
2020-10-15H6PAIKUDN0.docdoc 40cd7ad9c0ebdf03adc1f14bb7d6554f74a043088f9aab4a39e2bbf0daa01932Virustotal results 37.70%Heodo
2020-10-152MSKDFYB8.docdoc 599c5a96c48cab303ee9a8fedda331cf66f2db8f076733cf715d00c5c4278e20Virustotal results 40.68%Heodo
2020-10-1538317359.docdoc eb0efcd4366f3c4e3f529ff2b1e108a1fcb1e3ef0e7485cef709d9351d64b55fn/aHeodo
2020-10-15REP_DY0191796861YD.docdoc 5fefd7066e7cb6344aa6f4ceb150de371e98cc1de2af7bfa2fa46cb4949ff0aeVirustotal results 32.26%Heodo
2020-10-1563422139.docdoc 826df3430c822b2aa33180efdc56c45a6a2e76c53620a4956652785a354fe744n/aHeodo
2020-10-15M_PO_10152020EX.docdoc 03afbf9b046ee6d340253662dfb45f59e4fb6e75b28dd8bf52bb8becb58145b0Virustotal results 30.51%Heodo
2020-10-15INV_TE9825408541AM.docdoc fc4e851464b275cb4206af8ce176350c7e12b7b1334a795cf27e48bb6cd9df06Virustotal results 32.79%Heodo
2020-10-15REP_77D5LHQBLSBKS6.docdoc 25aa35b354712a75a1fa86936a9f4195ea8e3c08a6e6f2c3b9820cb4dd28209dVirustotal results 37.10%Heodo
2020-10-15VPC_100120_RCB_101520.docdoc 9b215a17a892b453c3f564442181f449693efbb1777c15f53e2238544500a92fVirustotal results 29.03%Heodo
2020-10-15REP_7JA5MVLPXEQN7Y6.docdoc 92a930cc35f0b758afa1eb48adbd009a241f19b3a1e5a10f2fda6b5495256eebVirustotal results 33.33%Heodo
2020-10-152710793590227770221.docdoc a9e9fd09c8758fd9bc32c4f3cdc9b19afafdeb894a288778c2a4df42944be7c0Virustotal results 35.48%Heodo
2020-10-15F_VKY_100120_GBE_101520.docdoc cca3799a5d79aad049795ea6a869e22d90d248ef1c1193d5d5933237b20157c5Virustotal results 32.26%Heodo
2020-10-15INV_PO_10152020EX.docdoc 6d531c0d2bfa18875d304220ef3fc95e74bd8f98c539ceb1755245c2394e0b31Virustotal results 31.15%Heodo
2020-10-15MQ_68397303.docdoc 0542ec36ffc846a864befb3bf220746110608b4242bcc75caff8b9f2cc196f71Virustotal results 29.03%Heodo
2020-10-1576963362.docdoc 5b4c47d73226347391f06e552ff9caa035e74cdcd652ac424c4364ab6fcca280Virustotal results 35.48%Heodo
2020-10-14TII_100120_KWQ_101520.docdoc efcdcddeb3af5c4adfe778f16974560901ff95704d36d10c3c7969b43e1e5e10Virustotal results 30.65%Heodo
2020-10-14Q_PO_10152020EX.docdoc 285bac1c67ccd0ea184f852a4f063955511ea533a444fd1115733221099bb823Virustotal results 27.87%Heodo
2020-10-14M_PO_10152020EX.docdoc 0d6731404ab523678e4e70272959a38c04c12861e5d94284b88316c3830f0b9bVirustotal results 30.65%Heodo
2020-10-14INV_93839002.docdoc 9670351cda3385021054e49a74fab0df1f24d4e7d1344baddab81bfc1a4ae963n/aHeodo
2020-10-14L_UD2511485186OF.docdoc 89a7221256e253cd0904a91ca49c1c82118be9cdac76b21a6735eae4871ab400Virustotal results 27.42%Heodo
2020-10-14PO_10152020EX.docdoc eef9ce8af0cb687d9c2cba626d32c2c422cdf4af29344709135f8f5e79a75598Virustotal results 32.79%Heodo
2020-10-14DOC_PO_10152020EX.docdoc 51c5985ef24ede55a5446682821fdd52ed3f7c5a78f003cbca23e2412bd4971an/aHeodo
2020-10-14DOC_29328495.docdoc 89805057d1a481cf26a6efd0f74ed731cefd3ee7547ac6f529a6cce3223f6d07Virustotal results 27.42%Heodo
2020-10-14REP_UQY_100120_RBX_101520.docdoc 71fa0aaad2c5cd2e5e01af73667f97eb339a574575e69a2086b5f4c84ea05800Virustotal results 33.87%Heodo
2020-10-14LM_895887479787461562773.docdoc ddf5dc01672e436635664913967a082edb4a0efe0bb3c4c29ffe7e0016cfd353Virustotal results 27.87%Heodo
2020-10-14DOC_286055008198.docdoc 0d4936ae5e3283118f9e06740ac00c8fb354fd8ae5abe43d0ee6b3bdd1cc56e9Virustotal results 27.42%Heodo
2020-10-14M_EHQ_100120_QIK_101420.docdoc 8c1a9e39c903295352d356dcb9fc85fabf4ab6714062a12893e5a606407e8925Virustotal results 27.87%Heodo
2020-10-14REP_044189964.docdoc dff04a292f708be6dc651f4164c2f711a836eeab00529793693a3f25518a0341n/aHeodo
2020-10-14FILE_OZ8727285575SH.docdoc 9cdefce35cdb78bfad530dc47d20a2497159cfaff4df8e163843ece18a16396cVirustotal results 25.81%Heodo
2020-10-14BAL_TT0391613001CU.docdoc 4d0980efc959fbdb7ffe8d0f5ff0ff9173e3d7a474f95fa6083ec5d60b5a12f4n/aHeodo